Here’s a mail I received a few days ago:
Hi Tapas,
In your blog can you please write about the security standards which you follow if anyone orders the book using credit/debit card from your site. I am telling you because today I wanted to buy some book and I was browsing through your site [...] and one of my friends asked me not to do that because he suspected that once I give the card number it might be misused. Many people might have inhibitions like that and you can clear it either telling something on the site or on your blog.
Regards,
Rakesh
A very valid concern. One of our main challenges was to get Payment Gateway integration, but that was a cakewalk compared to the challenge of finding customers and getting them to pay online. Hope this helps:
Flipkart.com does not store/save any of your information
When you click on the Pay By Credit Card / Debit Card / Netbanking link, you are redirected to a Payment Gateway like www.ebs.in or www.ccavenue.com. All your details are processed through them and the only thing we receive is a transaction ID against your Order, as confirmation that payment has been received.
All your details get processed and verified by the Payment Gateway and your Credit Card Company / Bank.
As far as how secure the Payment Gateways are, here are some details:
- Payment Gateways are PCI DSS 1.1 Standards Compliant
- They are registered and authenticated by Verisign, and use 128 bit SSL (Secure Sockets Layer)
- They also implement the Verified By Visa and the MasterCard Secure Code Protocols
EBS uses seven server architecture model which helps in better encryption of data which protects the clients information. All credit card authorization is done using the high-tech Axis, HDFC and Citibank’s secure servers and the same is encrypted before it is transmitted over the Internet to the Acquiring Banks. Additionally EBS servers are behind security firewalls to ensure maximum protection of our customer’s information. This guarantees that your information is inaccessible to any third party. EBS uses the best industry-standard Verisign Technology, which ensures the security of the data
CCAvenue uses secure servers throughout and adopts stringent security measures to ensure that sensitive information such as customers’ personal details is protected. Customers enter all their personal information and Credit Card details on ICICI’s E-Payments(Payseal) and Citibank’s secure servers and the same is encrypted before it is transmitted over the Internet to the Acquiring Banks. Additionally CCAvenue’s server is behind security firewalls to ensure maximum protection of your customer’s information.
Modes of Payment - Distribution
This should allay all fears of paying online. Most of our customers do in fact pay online (as opposed to Cheque / DD / Money Order) and in the past two years that we’ve been up, we have had not one instance of fraud or misuse of details.
Online payment is safe. Payment gateways are secure.
2 Comments
Hey, good one, but you must also advice on the frequent traps set and how they can be sure that they are on the right website, certificates etc I guess.
Hey Paranoid Freaks
Firstly, it is scientifically proven fact that 92% of people who are scared to pay online, generally have an account balance which is less than 10% of thier monthly salary.
96% of These same people have credit cards which are already over-spent.
So I canot understand what the big deal is about.
I mean the internet & online shopping has been around for the last 10 years.
Have some faith in the people who put up respectable sites like selling books.
I can understand doubt if you were buying contraband or mp3 or porn.
But hey, its books !
Get online, and Buy. Now !